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REMARKS 

Specification has been objected for allegedly containing embedded hyperlink 
(www.yahoo.com) and use of the trademark Apache. Accordingly, the specification has 
been amended to delete reference to www.yahop.com. Regarding, the alleged use of 
trademark Apache. As noted in the attached printout from Trademark Electronic Search 
System (TESS)> Apache Software Foundation has only one trademark filing and it is for 
"SP AMASS ASSEM." That is, Apache Software Foundation has no trademark filing for 
alleged trademark "Apache/* Additionally, as shown in the attached printout from the 
Apache Software Foundation website, they use the tenn "Apache** without capitalization 
and without any trademark symbols (i.e., TM, SM, ®). Accordingly, applicant use of the 
term "Apache 5 * in the specification is consistent with Apache Software Foundation's use 
of the tem "Apache." In view of the foregoing, applicant respectfully requests that the 
objection to the specification be withdrawn. 

Claims 10-22 have been rejected under 35 U.S.C § 112, second paragraph, for 
indefiniteness. Claims 10 and 15 have been amended in good-faith to satisfy such 
objections. Accordingly, applicant respectfully requests that this rejection be withdrawn. 

Claims 10-22 have been rejected under 35 U.S.C. § 102(e) as being allegedly 
anticipated by U.S. Patent No. 7,013,482 to Kjumel ("Krumel"). Applicant respectfully 
traverses this rejection. 

A rejection based ™ ^ II.K.C. §102 requires that the cited reference disclose each 
and every element covered by the claim. Electro Medical Systems SA. v. Cooper Life 
Sciences Inc., 32 U,S,P,Q.2d 1017, 1019 (Fed. Or. 1994); Lewmar Marine Inc. v. Barient 
Inc., 3 U.S.P.Q.2d 1766, 1767-68 (Fed. Cir. 1987), cert denied, 484 U.S. 1007 (1988); 
Verdegaal Bros., Inc. V Union Oil Co., 814 F.2d 628, 631, 2 U.S.P.Q.2D 1051, 1053 
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(Fed. Cir.), cert denied , 484 U.S. 827 (1987). The Federal Circuit has mandated that 35 
U.S.C. 102 requires no less than "complete anticipation ... [anticipation requires the 
presence in a single prior art disclosure of all elements of a claimed invention arranged as 
in the claim." Connell v. Sears, Roebuck & Co., 772 F.2d 1542, 1548, 220 ULS J>.Q. 193, 
198 (Fed. Or. 1983); See also, Electro Medical Systems, 32 U.S.P.Q. 2d at 1019; 
Verdegaal Bros. , 8 14 F.2d at 63 1 . 

The Examiner has failed to establish that Krumel is an anticipatory reference 
under 35 U.S.C. § 102(e) because Krumel does not teach or suggest none of the steps 
claimed in independent claims 10 and 15. Particularly, Krumel does not teach or suggest 
defining a finite state machine for each application protocol, modeling finite state 
machines established for each application protpcol, generating analysis models from 
finite state machine models for each application protocol and filtering the transported 
data using the analysis models established for each application protocol, as required in 
claim 10. Similarly, Krumel does not teach or suggest filtering the transported data based 
on ihs analysis models established for application protocol, as required in claim 15. 

The present invention relates to a method for securing logical access to 
information and/or computing resources in a group of computer equipment. The group of 
computer equipment exchange data with a computer telecommunication network, 
according to at least one application protocol. As recited in claim 10, the inventive 
method comprises the following steps: defining a finite-state machine for each 
application protocol; modelling each finite-state machine established for each application 
protocol in the form of a model; generating, from each model, an analysis module for 
each application protocol by means of an interpreter; and filtering the transported data in 
an operating system by means of the analysis modules. 
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As detailed in paragraphs 72-76 of the specification, the present invention 
advantageously filters the transported data and then detects and blocks a large number of 
"application'" attacks. In paragraph 4 of the specification, applicant defines an 
"application" attack as an attack that uses either the vulnerability of an "application** 
protocol; the vulnerabilities linked to the implementation of an "application" protocol by 
a developer; or the vulnerabilities linked to the use of an application, particularly by a 
:,- network administrator. • 

Whereas, Krumel describes methods for ensuring computer secnirity and data 
protection by filtering Internet data packets. Krumel provides a stateful packet filtering 
hub for examining network packet and detenninihg whether the packet is allowed into or 
out of a network (see Knimel, col. 2, lines 16-66). The packet characteristic logic 22 
examines the packet data to determine packet characteristic data, such as the packet type, 
datagram boundaries, packet start, packet end, data offset counts, protocols, flags and 
receiving ports. These packet data characteristics are then provided to packet type filters 
26 and state rules filters 42 which make a decision whether the packet should be passed 
or foiled. (See Krumel, coL 6, lines 43 to col. 7, lines 2 1). 

KrumePs statefdl packet filtering hub, enabling parallel filtering, consists of 
packet characteristics logic 22, packet type filters 26, and state rules filters 42 (see 
Krumel, col. 2, lines 19-20; col. 6-15-17). Although Krumel describes that "[t]he filters 
of packet type filters 26 are preferably expressed as fixed state machines" (Kurmel, col. 
6, lines 55-57), but contrary to the Examiner's erroneous assertion, Krumel does not 
teach or suggest "defining a finite-state machine for each appUcatipq protocol," as 
required in claim 10. That is, Krumel does not take into account the application protocols 
when defining the fixed state machines as required by the claims of the present invention. 
At best, Krumel considers protocol (one of the packet characteristic data) only to make a 
decision whether the packet should be passed or failed. Accordingly, contrary to the 
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Examiner's assertion, Krumel does not anticipate the claims of the present invention 
because Krumel does not teach or suggest all of the claim elements of the present 
invention. 

fi To imbue one of ordinary skill in the art with knowledge of the present 
invention, when no prior art reference or references of record convey or suggest that 
knowledge, is to fall victim of the insidious effect of hindsight syndrome, wherein that 
which only the inventor taught is used against the teacher." WX. Gore & Assoc. v. 
Garlochlnc, 121 F.2d 1540, 1553 (Fed. Cix. 1983). 

Additionally, it is unclear where Krumel describes that a finite state machine are 
defined for each application protocol as required in claim 10 and filtering the transported 
data using analysis module established for each application protocol as required in claim 
15. Applicant requests that the Examiner provide a citation in Krumel supporting his 
untenable position that the finite state machines are defined for each, application protocol 
and analysis modules established for each application protocol. 

Moreover, as noted herein, Krumel only examines the packet characteristic data, 
such as the packet type, datagram boundaries, packet start, packet end, data offset counts, 
protocols, flags and receiving ports, which the present invention classify these packet 
characteristic data as being the '"transport data." As shown in Fig. 2 and paragraph 68 of 
the specification,^ the transport data are data relating or conforming to the application 
protocol. Although "the present invention examines both the "transport data" (packet 
characteristic data) and the "transported data" (actual data being transported by the 
packet), the claims of the present invention require that the "transported data" (actual data 
being transported by the packet) be filtered. Hence, contrary to the Examiner's assertion, 
Kiumel does not teach or suggest filtering the "transported data," as required by the 
claims of the present invention. Further, applicant respectfully submits Kiumel is 
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vulnerable to any application attacks arising from the "transported data" and does not 
address the problem solved by the present invention. . 

Applicant respectfully submits that the Examiner using hindsight gleaned from the 
present invention to contradict the clear teaching of the prior art reference to render 
claims unpatentable. The prior must to be judged based on a full and fair consideration 
of what that art teaches, apt by using applicant's invention as a blueprint for gathering 
various bits and modifying the pieces in an attempt to reconstruct applicant's invention. 
The Examiner cannot simply change the principle of the operation of the reference to 
render the claims unpatentable. Further, one of ordinary skill in the art will not equate 
the packet characteristic or transport data as being equivalent to the transported data 
(actual data transported by the packet). 

It is well , settled that the Examiner cannot contradict the clear teaching of the 
reference to render the claims unpatentable. Therefore, contrary to the Examiner's 
assertion, Krumel is not an anticipatory reference to the present invention because 
Krumel does not teach or suggest all of the elements of the claims of the present 
invention- 

In view of the above, applicant believes the pending application is ih condition for 
allowance. 


10 


25790778.1 


PAGE 12/14 1 RCVD AT 6/28/2007 4:27:47 PM [Eastern Daylight Time] 1 SVR:USPTO-EFXRF-1/20 1 DNIS:27383O0 • CSID:2123183400 ■ DURATION (mm*s):0448 


FULBR I GHT8 J AWORSK I 


Fax:2123183400 


Jun 28 2007 16:41 


p. 13 RECEIVED 

CENTRAL FAX CENTER 

JUN 2 8 2007 


Application No. 10/537,310 

Aniendmeut dated Jim© 28, 2007 

Reply to Office Action ofFcbramy 5, 2007 


Docket No.: NY-GRYN 223-US 


Applicant authorized the Commissioner to deduct the 2-month extension of time 
fee ($225.00) from our Deposit Account No. 50-0624, under Order No. N^-GRYN 223- 
US (10505903) from which the undersigned is authorized to draw. 


Dated: June 28, 2007 


Respectfully 



Registration No.: 40,657 

FULBRJGHT & JAWORSKI L.L.P. 

666 Fifth Avenue 

New York, New York 10103 

(212)318-3000 

(212)318-3400 (Fax) 

Attorney for Applicant 
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